Tags

Every check type also supports a tags field, which is a list of tags that
can be used with the --include-tags and --exclude-tags arguments to conn-check.

Example YAML:

-type:httpurl:http://google.com/tags:-external

To run just “external” checks:

conn-check --include-tags=external ...

To run all the checks except external:

conn-check --exclude-tags=external

Buffered/Ordered output

conn-check normally executes with output to STDOUT buffered so that the output can be ordered,
with failed checks being printed first, grouping by destination etc.

If you’d rather see results as they available you can use the -U/--unbuffered-output option
to disable buffering.

Generating firewall rules

conn-check includes the conn-check-export-fw utility which takes the same arguments as
conn-check but runs using --dry-run mode and outputs a set of egress firewall
rules in an easy to parse YAML format, for example:

You can then use this output to generate your environments firewall rules (e.g. with
EC2 security groups, OpenStack Neutron, iptables etc.).

Building wheels

To allow for easier/more portable distribution of this tool you can build
conn-check and all its dependencies as Python wheels:

make clean-wheels
make build-wheels
make build-wheels-extra EXTRA=amqp
make build-wheels-extra EXTRA=redis

The build-wheels make target will build conn-check and its base
dependencies, but to include the optional extra dependencies for other
checks such as amqp, redis or postgres you need to use the
build-wheels-extra target with the EXTRA env value.